These files are kept here for educational purpose. I found these files on one of our client's compromised server.
If you want to learn more about how these hacking scripts will work, you can clone the repo to your web server.
- visit <your_web_server_address>/wsouser.php
- The password is
tester@45 - Once logged-in, you can explore how the script can be utilized to hack into the php websites.
If you wanna learn more about another file:
- Visit <your_web_server_address>/srey.php
- Enter password
SREYOUN123!@# - Once logged-in you can explore all the available options.
If you wanna know more about what it does you can always explore through code as well. These couple of files are just one set of files whereas hundreds of different hacker files are available online. So, please make sure you protect your websites properly. I have some solutions here:
- You must understand that if you are on a shared server, hackers can access other sites too from one compromised website. So, makesure to protect your files with proper read/write permissions.
- You must validate all the input fields and forms in your website. because these forms are hackers first target to inject a file.
- Always be sure to not execute files from directory which are not required like uploads folder. Maintain htaccess or respective nginx configuration for this.
- Also for best results maintain FIM (File integrity monitoring) tools. So that you will be alerted if a file is modified and can help you to protect from hacking files to appear on your web server. There are lot of security implementations that you can take care of. But if your site is hacked make sure you reach professional for help. We also can help resolving the issues. You may contact us at my indian mobile number: +91-8919814333
Thanks!